By NICK ESPINOSA, Security Fanatics, South Barrington IL
Special to HPAC Engineering
Recently, I had the pleasure of speaking at the MCAA Technology Conference in Tampa. When putting together the presentations for that event I was asked to talk about the Dark Web in detail. Outside of technology professionals, many people don’t know much about what the Dark Web is beyond it being a place where a lot of bad things happen by a lot of bad people. While there is some truth to that, there is a bit more to the story. So without further ado, here is your primer on what the Dark Web is and what actually goes on in there!
However, before we can dive into what the Dark Web is we have to understand the Deep Web first. In a nutshell, the Deep Web is simply places on the internet that search engines like Google or Yahoo cannot search. As an example, let me ask you this question: Can I, or anyone else on the planet, Google your bank account and see how much money you have in your checking account? Hopefully you answered “No!” Your bank has created a space on the internet to hold your data that is protected so Google can’t see it. And this is what the Dark Web is; a place that cannot be searched by a Google.
With this understanding, let’s talk about the Dark Web and the activity that goes on in it. Probably the largest activity that occurs in the Dark Web is the buying and selling of personal information. The Dark Web has thousands of Identity Theft forums where you can buy personal information on an individual or multiple individuals or even hundreds of millions of people in a single purchase!
Everything’s For Sale
The information for sale ranges from basic things like login credentials to various websites like Facebook, Google, PayPal and various corporations to full and complete information on a person including social security numbers, addresses, driver’s license information and more (thanks to the Equifax data breach we’ve seen a complete explosion in Identity Theft sales).
At the MCAA Conference, I actually demonstrated ‘live’ how I can instantly get usernames and passwords for a major corporation that many HVAC contractors know with virtually no effort. I didn’t “hack” into them. Rather, I just exposed the data that was already publicly accessible.
If you’ve heard of ransomware, infections, computer viruses, malware or spyware, then you may already know that the Dark Web is the place to purchase it. Hands down, the largest cyber weapons broker is the Russian Mafia and let me tell you, they’re on it! This is a major money making operation for them. I can, and have, purchased malware, ransomware and more from them (for research purposes obviously) and they’re excellent about providing updates to their products and also tech support. Seriously. “I’m sorry you’re having a problem running your terror campaign, sir. How can we help?”
How It All Works
The advertisements for these products on the Dark Web are everywhere and they will also tell me, sometimes literally to the minute, exactly what anti-virus scanners the malware will bypass and what version updates this product can evade. Is your virus scanner four hours out of date? No problem! I can go purchase something in minutes and hit you immediately.
Right now, we’re seeing a rise in crypto-mining infections coming out of the Dark Web. Instead of traditional ransomware that locks you out of your files and asks you for money, crypto-mining infections don’t touch your files. Rather, they use all of the resources on your computer, phone (your mobile is HIGHLY susceptible to infections, both iPhone and Android) to mine for cryptocurrency. As the price of Bitcoin exploded a while back, so did these infections. Hackers realized using your resources to mine a single coin is worth thousands of dollars versus the few hundred they could get from ransoming, if you even paid them. When Bitcoin’s price dropped, crypto-mining infections went down. Now, as Bitcoin’s price is climbing again, we are once again seeing the growth of this type of infection.
Many HVAC contractors are actually targets for crypto-mining infections, primarily because many HVAC companies are not running aggressive cybersecurity measures that would prevent the installation and spread of this type of infection.
The other major infection coming out of the Dark Web is banking trojans. These are infections that are designed to steal confidential information from bank accounts by hijacking your computer or phone. They either use your legitimate banking app to send a copy of your information to a malicious website or use an app that masquerades as your legitimate banking app and then steals everything!
Beyond personal information and infections, there are plenty of other illegal acts in the Dark Web that may not affect you directly. Weapons trafficking is a major problem in the Dark Web. Researchers for the RAND Corporation estimate that almost 60% of all illegal firearms being sold in the Dark Web originate from the USA. Everything from handguns to sub-machine guns are available for sale to anyone, including groups like ISIS, which has a major presence in the Dark Web as well.
Sex trafficking is another unfortunate market, as well. According to the United Nations about 20 million people are estimated to be victims of human trafficking, many of them children, and the Dark Web is a relatively safe way to buy and sell human beings. We can dovetail this serious problem with the other serious issue of child pornography which is regularly traded by people in the Dark Web. The monsters that purvey this trade are constantly hunted by multiple law enforcement agencies around the globe. In a move that everyone applauded, the hacker collective known as Anonymous, in 2017, was able to successfully destroy 20% of the Dark Web infrastructure that was hosting this material and exposed some of these criminals. I have no doubt law enforcement was happy for the assist in this case.
Dark, Darker, Darkest
But wait, there’s more! Narcotics trafficking is also a Dark Web market. Want to buy literally anything for personal use? No problem! Want to take on El Chapo and have a go at being a drug lord? You can become a narcotics broker as well. In August of 2018, US federal law enforcement ran an operation called “Operation Darkness Falls” and were able to capture and arrest one of the most prolific fentanyl dealers in history. Like the other markets, law enforcement is actively involved in trying to keep this off our streets.
At this point you may be wondering how on earth is everyone paying for illegals drugs, guns and even humans on the Dark Web and how are they being delivered. Good question! In a nutshell, cryptocurrency is the money of choice for basically all Dark Web transactions. Since currencies like Bitcoin and Ethereum are not regulated by any government, it’s ideal for illegal transactions since it cannot be easily traced, if at all. In terms of shipping, the U.S. Postal Service is the carrier of choice for drugs even some weapons. Countries around the world are seeing their postal services used in this manner and are starting to react more proactively to this issue. For humans, there are usually brokers such as the mafia. If you order a human from the other side of the planet they’ll be “shipped” by these organizations like cattle via shipping containers and received by organized crime associates at the destination port. The giant air conditioner your HVAC supplier just purchased from Germany or China could literally be sitting next to a container full of humans while it travels across the ocean, and that’s a terrifying prospect.
Silver Linings, Defense Playbook
There is a silver lining to the Dark Web though. For all the insanity I just walked you through, we can look to oppressive regimes around the world to see where the Dark Web is a benefit! When living in a country where internet censorship and general oppression is the rule of law, said country inevitably has a part of their population that actively (though secretly) rails against the regime. The Dark Web gives these dissidents a place to securely communicate and to organize actions against their governments. Dissidents from Iran, North Korea, China and several other oppressive countries in Asia and Africa all use the Dark Web daily, often times supporting each others’ struggles from afar.
So that’s the Dark Web. Spending many hours in it for research and my job, it’s honestly not a place I would want to visit on a regular basis. In cybersecurity it’s a necessary evil. For the average HVAC contractor, awareness of the problem is important but the defense of your network is of paramount concern. Defensive technology like Next Generation Firewalls, Next Generation Anti-Virus, ‘live’ monitoring for threats and more, help to ensure that your operations aren’t disrupted by any of the infections or problems here.
So here’s to keeping this industry safe from the scourge of the internet!
The author is a CIO, keynote speaker, author & radio show host, and a member of the Forbes Technology Council. As chief security fanatic at the consulting firm Security Fanatics, based outside Chicago, he has spoken multiple times at Mechanical Contractors of America Association events.